ClickOnce Security

Microsoft's ClickOnce technology, which is quite similar to Java WebStart has a number of vulnerabilities and any ClickOnce client server application developed on dotnet technology can be completely compromised if appropriate security controls are not used.

1. The ILDASM tool available within the .net framework can be used to disassemble the application client and any database related logic/info can be exposed to hackers.